I. FRONT AND CENTER
---------------------
1. Hacker-Tool Law Still Does Little
By Mark Rasch
On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense.
http://www.securityfocus.com/columnists/502

2. A Botnet by Any Other Name
By Gubter Ollmann
The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents.
http://www.securityfocus.com/columnists/501

Attackers can leverage this issue to execute arbitrary code in the context of the application. Successful exploits will compromise the application and the underlying computer. Failed attacks will cause denial-of-service conditions.

We don't know which specific versions of Solstice AdminSuite are affected, but versions for Solaris 8 and 9 are reported vulnerable. We will update this BID as more information emerges.

Attackers can leverage these vulnerabilities to execute arbitrary HTML or script code in the context of the affected site or access certain administrative functions. This can allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, launch denial-of-service attacks, and compromise the application; other attacks are also possible.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

GForge versions 4.5.14 and 4.7rc2 are affected; other versions may be affected as well.

An attacker may leverage this vulnerability to bypass content filters. This may lead to cross-site scripting attacks or allow the attacker to obtain sensitive information in some cases. Other attacks are also possible.

NOTE: This issue was previously covered in BID 34926 (Apple Mac OS X 2009-002 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

An attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or to launch spoofing attacks against other sites. Other attacks are also possible.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

A remote attacker can exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

A remote attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or to launch spoofing attacks against other sites. Other attacks are also possible.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.

An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

'AmpX.dll' 2.4.0.6 is vulnerable; other versions may also be affected.

An attacker may leverage this issue by inserting arbitrary content to spoof a URI presented to an unsuspecting user. This may lead to a false sense of trust because the victim may be presented with a URI of a seemingly trusted site while interacting with the attacker's malicious site.

Versions *prior to* the following are affected:

Firefox 3.0.11
SeaMonkey 1.1.17

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Attackers can exploit this issue to bypass restrictions on reading local files, which may allow them to obtain sensitive information or launch other attacks.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Attackers can exploit this issue to execute arbitrary JavaScript code with chrome privileges. This may result in elevated privileges or lead to a denial-of-service condition. Other attacks may also be possible.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

NOTE: These issues were previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but have been assigned their own record to better document them.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Attackers can exploit this issue to bypass the content-loading policies. The impact of this issue will depend on the reasons behind the content check.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Attackers can exploit this issue to execute arbitrary code with the object's chrome privileges.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application or to obtain sensitive information.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Attackers can exploit this issue to bypass certain security restrictions and gain access to potentially sensitive information that may aid in further attacks.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of a site that uses the affected functionality. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

NOTE: In some cases, arbitrary code execution may not be possible.

NOTE: These issues were previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but have been assigned their own record to better document them.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how sites are rendered to the user. Other attacks are also possible.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

UPDATE (June 17, 2009): This BID had been updated to reflect that the issue affects multiple browsers, not just Mozilla products.

Attackers may exploit this vulnerability via a malicious webpage to spoof the origin of an HTTPS site. Successful exploits will lead to a false sensitive security since the victim is visiting a site that is assumed to be legitimate.

Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users. This issue may possibly also allow remote code-execution, but this has not been confirmed.

A local attacker may be able to exploit this issue to read or write to unintended address spaces. This may result in denial-of-service conditions, the disclosure of sensitive information, or privilege escalation.

This issue affects versions prior to Linux 2.6.28.6 on some 64-bit architectures, including s390, PowerPC, SPARC64, and MIPS. Additional architectures may also be affected.

Attackers may exploit this vulnerability to aid in phishing attacks or to obtain sensitive information. Other attacks are also possible. Note that to take advantage of this issue, an attacker must be able to intercept or control network traffic. This would normally be possible through a man-in-the-middle attack, DNS poisoning, or similar vectors.

Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

This issue was introduced in Linux kernel 2.6.27 and fixed in 2.6.29.

73. Linux Kernel '/proc/iomem' Sparc64 Local Denial of Service Vulnerability
BugTraq ID: 35415
Remote: No
Last Updated: 2009-06-18
Relevant URL: http://www.securityfocus.com/bid/35415
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability that attackers can exploit to cause an affected computer to crash.

This issue affects the Linux kernel 2.6.22-rc1 through 2.6.29 on the sparc64 architecture.

A remote attacker may exploit this issue by enticing victims into opening a malicious HTML document.

Exploiting this issue allows the attacker to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

Roxio CinePlayer 3.2 is vulnerable; other versions may also be affected.

Exploiting these issues may allow attackers to crash the application, denying service to legitimate users. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

Remote attackers can exploit this issue to execute arbitrary code with superuser privileges, which can result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful exploits will completely compromise the affected computer. Failed attacks will cause denial-of-service conditions.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

MoinMoin 1.7.3 and 1.8.1 are vulnerable; other versions may also be affected

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

MoinMoin 1.7.0 and 1.6.3 are vulnerable; prior versions may be affected as well.

2. Obama launches cybersecurity initiative
By: Robert Lemos
The U.S. president announces that the nation's networks will be considered a "strategic national asset" and creates a top position in the White House to formulate a better cybersecurity policy.
http://www.securityfocus.com/news/11551

3. Browsers bashed first in hacking contest
By: Robert Lemos
A security researcher keeps a vulnerability on ice for an entire year, before using it at the Pwn2Own contest to exploit Apple's browser. Microsoft's Internet Explorer 8 falls soon after.
http://www.securityfocus.com/news/11549

4. Experts: U.S. needs to defend its "cyber turf"
By: Robert Lemos
The United States must develop a Monroe Doctrine for the Internet, defining what constitutes its cyberspace and pledging to defend its virtual borders, security experts told Congress.
http://www.securityfocus.com/news/11548

VIII. SUN FOCUS LIST SUMMARY
----------------------------
IX. LINUX FOCUS LIST SUMMARY
----------------------------
X. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to sf-news-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.